Weekly Vulnerabilities Reports > April 4 to 10, 2005

Overview

12 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 7 high severity vulnerabilities. This weekly summary report vulnerabilities in 12 products from 12 vendors including Punbb, SCO, Ocean12 Technologies, Active WEB Softwares, and Network Client COM. Vulnerabilities are notably categorized as and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 9 reported vulnerabilities are remotely exploitables.
  • 12 reported vulnerabilities are exploitable by an anonymous user.
  • Punbb has the most reported vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

0 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

7 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2005-04-10 CVE-2005-1055 Towerblog Unspecified vulnerability in Towerblog

TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the _dat/login file.

7.5
2005-04-09 CVE-2005-1082 Azerbaijan Development Group Multiple vulnerability in Azerbaijan Development Group Azdgdating 1.1.0

Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execute arbitrary SQL commands via (1) the id parameter to view.php or (2) the from parameter to members/index.php.

7.5
2005-04-08 CVE-2005-1067 Access User Class Unspecified vulnerability in Access User Class Access User Class 1.6

Vulnerability in Access_user Class before 1.75 allows local users to gain access as other users via the password "new".

7.5
2005-04-07 CVE-2005-1047 Phpbb Group Unspecified vulnerability in PHPbb Group PHPbb

Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory.

7.5
2005-04-06 CVE-2005-1096 Ocean12 Technologies SQL Injection vulnerability in Ocean12 Membership Manager Pro

SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter.

7.5
2005-04-06 CVE-2005-1029 Active WEB Softwares SQL Injection vulnerability in Active web Softwares Active Auction House 7.1

Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp.

7.5
2005-04-05 CVE-2005-1035 Pavuk Unspecified vulnerability in Pavuk

Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack vectors and impact.

7.5

5 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2005-04-07 CVE-2005-1087 AN Unspecified vulnerability in AN An-Httpd 1.42N

CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request.

6.4
2005-04-10 CVE-2005-1064 Rsnapshot Unspecified vulnerability in Rsnapshot Filesystem Snapshot Utility

The copy_symlink function in rsnapshot 1.2.0 and 1.1.x before 1.1.7 changes the ownership of files that a symlink points to rather than the symlink itself, which allows local users to obtain access to arbitrary files.

4.6
2005-04-08 CVE-2005-1094 Network Client COM FTP Now 2.6.14 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges.
4.6
2005-04-07 CVE-2005-0351 SCO Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SCO Openserver 5.0.6/5.0.7

Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.

4.6
2005-04-08 CVE-2005-1072 Punbb Cross-Site Scripting vulnerability in Punbb

Cross-site scripting (XSS) vulnerability in PunBB before 1.2.5 allows remote attackers to inject arbitrary web script or HTML.

4.3

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS